Nigeria fingered in latest NAB phishing attack: WatchGuard

Powered by SC Magazine
 

Africa's broadband revolution threatens Western businesses.

A home PC in Lagos, Nigeria, connected by domestic broadband was likely responsible for a surge in malicious emails targeting NAB customers today.

Reputation websites that tracked the bona fides of millions of machines connected to the net reported the IP address responsible saw an 11-fold increase in malicious traffic over the past day.

NAB has been contacted for comment.

The zero-day threat from the probably infected Nigerian host, one of the top spammers against the bank, was exposed in a demonstration of emerging threats using WatchGuard's web-based reputation authority.

The security vendor's Australian senior sales engineer Gary Spiteri said spammers have become more efficient at targeting customers of financial institutions, reflected by the fact that fewer of their phishing emails bounced than when using scattergun approaches.

As Africa connected to broadband it was following the lead of Western countries such as the US and those in Eastern Europe in becoming a vector of attack.

"I doubt that there's a National Australia (Bank) mail host in Nigeria," Spiteri said.

"Interestingly, 83.33 percent [of the Nigerian host's emails] was spam but it's a 100 percent good recipient list: no bounce backs, they've got a good, qualified list of spam targets and two blacklists have it and two of them don't.

"That's quite possibly an emergent threat.

"It's probably a PC on a conventional ADSL link and it's got some sort of bot on it.

"This is probably the source of a phishing outbreak."

Spiteri said good security practices lagged broadband adoption in Third World countries.

"Third World countries don't spend money on anti-virus, don't put network security in place, they have pirated copies of Windows, which means that security updates are turned off from Microsoft; so you'll get an increasing number of vulnerable operating systems on PCs that are then targets for more bots to be deployed on to them which then become generators of more of this type of spam."

Borderware bears fruit

The Australia and New Zealand manager for firewall vendor WatchGuard, Scott Robertson, said reputation technology it bought in last August's marriage with Canadian security vendor Borderware would filter down from its high-end XCS class of devices to the XTM line within six months: "We're hoping for 90 days".

Robertson said the installed base of 10,000 Borderware appliances that collect intelligence about emerging threats would grow in this time to more than 600,000 once the switch was flipped on WatchGuard devices.

Overnight, WatchGuard launched appliances aimed at small and medium-sized organisations. The pictured XTM5 for organisations with up to 1500 users and the XTM2 for branches and businesses of up to 50 users were based on its Fireware operating system and blocked Skype, instant messaging, attacks over unified communications and VoIP, the company said.

Channel

Robertson said WatchGuard was ramping up its channel activities by:

  • launching a credit card rewards program,
  • tightening adherence to its certification program,
  • increasing marketing,
  • emphasising its partner program that allowed resellers to let their customers "try before they buy",
  • and offering an annual trip to a tropical resort for "top performers".

"We can have more discussions with resellers about spam and content filtering and sell up into the high-end space" such as banks and financial institutions, he said.
